Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle jsp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3600
Unspecified vulnerability in the Client System Analyzer component in Oracle Database Server 11.1.0.7 and 11.2.0.1 and Enterprise Manager Grid Control 10.2.0.5 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previ...
Oracle Database Server 11.1.0.7
Oracle Database Server 11.2.0.1
Oracle Enterprise Manager Grid Control 10.2.0.5
1 EDB exploit
NA
CVE-2012-3153
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote malicious users to affect confidentiality and integrity via unknown vectors related to Servlet. NOTE: the previous information is from th...
Oracle Fusion Middleware 11.1.2.0
Oracle Fusion Middleware 11.1.1.4.0
Oracle Fusion Middleware 11.1.1.6.0
1 EDB exploit
1 Github repository
4.8
CVSSv3
CVE-2019-17569
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomca...
Apache Tomcat
Apache Tomee 7.0.7
Opensuse Leap 15.1
Netapp Oncommand System Manager
Netapp Data Availability Services -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Health Sciences Empirica Inspections 1.0.1.2
NA
CVE-2001-1372
Oracle 9i Application Server 1.0.2 allows remote malicious users to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message.
Oracle Application Server 1.0.2
NA
CVE-2001-0419
Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote malicious users to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /...
Oracle Application Server 4.0.8.2
1 EDB exploit
9.8
CVSSv3
CVE-2020-1938
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exp...
Apache Tomcat
Apache Geode 1.12.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
57 Github repositories
1 Article
4.8
CVSSv3
CVE-2020-1935
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located be...
Apache Tomcat 9.0.0
Apache Tomcat
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Oncommand System Manager
Netapp Data Availability Services -
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Retail Order Broker 15.0
Oracle Agile Product Lifecycle Management 9.3.3
Oracle Agile Product Lifecycle Management 9.3.5
Oracle Agile Product Lifecycle Management 9.3.6
Oracle Instantis Enterprisetrack
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
NA
CVE-2005-4550
The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote malicious users to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).
Oracle Application Server Discussion Forum Portlet
1 EDB exploit
7.5
CVSSv3
CVE-2020-13934
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial ...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 20.04
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Siebel Ui Framework
Oracle Mysql Enterprise Monitor
7.5
CVSSv3
CVE-2021-42340
The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the c...
Apache Tomcat 10.0.0
Apache Tomcat 10.1.0
Apache Tomcat
Netapp Hci -
Netapp Management Services For Element Software -
Debian Debian Linux 11.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Sd-wan Edge 9.0
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Managed File Transfer 12.2.1.4.0
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Sd-wan Edge 9.1
Oracle Communications Diameter Signaling Router
Oracle Big Data Spatial And Graph
Oracle Middleware Common Libraries And Tools 12.2.1.4.0
Oracle Retail Customer Insights 15.0.2
Oracle Retail Customer Insights 16.0.2
Oracle Taleo Platform
Oracle Payment Interface 20.3
Oracle Payment Interface 19.1
Oracle Retail Eftlink 21.0.0
Oracle Retail Data Extractor For Merchandising 16.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »